SitePoint Sponsor

User Tag List

Results 1 to 12 of 12
  1. #1
    SitePoint Evangelist
    Join Date
    Apr 2002
    Posts
    523
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Search and my sql problem

    Hi all? How are you doing? What I am doing is i try to run "searching script" If a user are looking for a PHP book, it comes out PHP book infomation from my database.

    but my script doesn't work at all

    my php editor says"
    PHP Code:
    NoticeUndefined variablesearchtype in c:\ito\search.php on line 8
    you have not entered search details
    Please go back and try again
    and my php is 4.22

    could you please help this script?

    Here is code

    PHP Code:

    <html>
    <head></head>
    <body>

    <?php


    if(!$searchtype || !$searchterm)
    {
    echo
    "you have not entered search details. Please go back and try again.";
      exit;
    }


    $searchtype addcslashes($searchtype);
    $searchterm addcslashes($searchterm);
    $db mysql_pconnect("localhost","itohideo","1234");

    if(!
    $db){

     echo
    "Error: Could not connet to dateabse. Please try again later.";
     exit;

    }
    trim($searchterm);
    mysql_select_db("itohideo");
    $sql="select * from books where".$searchtype." like '%".$searchterm."%'";
    $result=mysql_query($sql);
    $num_results=mysql_num_rows($result);

    echo
    "<p>Number of books found: ".$num_results."</p>";


      for(
    $i=0$i<$num_results$i++)
      {
      
    $row=mysql_fetch_array($result);
      echo 
    "<p><strong>".($i+1).".Title: ";
      echo 
    htmlspecialcharsstripslashes($row["title"]));
      echo
    "</strong><br>Author: ";
      echo 
    htmlspecialcharsstripslashes($row["atthor"]));
      echo
    "<br>ISBN: ";
      echo 
    htmlspecialcharsstripslashes($row["isbn"]));
      echo
    "<br>Price: ";
      echo 
    htmlspecialcharsstripslashes($row["price"]));
      echo 
    "</p>";
      
       }



    ?>
    </body>
    </html>

  2. #2
    SitePoint Enthusiast Ckeren's Avatar
    Join Date
    Jun 2001
    Location
    AU
    Posts
    98
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    There are few problems in your code. But first lets talk about security.

    Here you have 2 variables that what I assumed is treated as global variables

    $searchtype
    $searchterm

    I would suggest use super_global is much saver than global. But again if you are not concern about security that will be no problem but make sure in your PHP.INI glabal switch is ON


    Ok your code should have this isset appand

    PHP Code:
    if(!isset($searchtype) || !isset($searchterm))
    {
       echo
    "you have not entered search details. Please go back and try again."
       exit; 


  3. #3
    SitePoint Evangelist
    Join Date
    Apr 2002
    Posts
    523
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    register_globals is off how can I swtich to "ON"??

    Is that any problem "register_globals"??


    Moreover I think that my database command should be wrong.
    it doesn't come data from my database. Something worng.

    Just only show my text
    PHP Code:
     "you have not entered search details. Please go back and try again." 

    Please tell me what it is going on

    Thank you very much

  4. #4
    ********* Genius Mike's Avatar
    Join Date
    Apr 2001
    Location
    Canada
    Posts
    5,458
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Well if the search form is set to POST, then you'd have to define the variables on the top of the page

    PHP Code:
    <?php

      $searchtype 
    $_POST["searchtype"];
      
    $searchterm $_POST["searchterm"];

      if(!isset(
    $searchtype) || !isset($searchterm)) 
      { 
       echo(
    "you have not entered search details. Please go back and try again.");  
       exit;  
      }

      
    $searchtype addcslashes($searchtype); 
      
    $searchterm addcslashes($searchterm);
      
    trim($searchterm);

      
    $dbconnect = @mysql_connect("localhost""ithideo""1234");
      if (!
    $dbconnect) {
        echo( 
    "<p>Unable to connect to the " .
              
    "database server at this time.</p>" );
        exit();
      }

      if (! @
    mysql_select_db("itohideo") ) {
        echo( 
    "<p>Unable to locate the host " .
              
    "database at this time.</p>" );
        exit();
      }

      
    $sql "SELECT * FROM books WHERE" $searchtype " LIKE '%" $searchterm "%'"
      
    $result mysql_query($sql); 
      
    $num_results mysql_num_rows($result); 

      echo(
    "<p>Number of books found: " $num_results "</p>"); 

      for(
    $i=0$i<$num_results$i++) 
      { 
      
    $row=mysql_fetch_array($result); 
      echo 
    "<p><strong>".($i+1).".Title: "
      echo 
    htmlspecialcharsstripslashes($row["title"])); 
      echo
    "</strong><br>Author: "
      echo 
    htmlspecialcharsstripslashes($row["atthor"])); 
      echo
    "<br>ISBN: "
      echo 
    htmlspecialcharsstripslashes($row["isbn"])); 
      echo
    "<br>Price: "
      echo 
    htmlspecialcharsstripslashes($row["price"])); 
      echo 
    "</p>"
       
      } 

    ?>
    Last edited by naramation; Sep 19, 2002 at 10:55.
    Mike
    It's not who I am underneath, but what I do that defines me.

  5. #5
    SitePoint Evangelist
    Join Date
    Apr 2002
    Posts
    523
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    sitll not working yet

    my php eidtor says

    PHP Code:
      NoticeUndefined indexsearchtype in c:\ito\search.php on line 3

    Notice
    Undefined indexsearchterm in c:\ito\search.php on line 4
    you have not entered search details
    Please go back and try again
    I think that variables are something wrong.

    Thank you very much

  6. #6
    SitePoint Evangelist
    Join Date
    Apr 2002
    Posts
    523
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think that my sql is problem

    i did command like this
    PHP Code:
      create table booksisbn char(13not null primary key
                   author char
    (30),title cahr(60),price float(4,2)); 
    Is it right???
    I am not sure it must be wrong???

  7. #7
    SitePoint Evangelist
    Join Date
    Apr 2002
    Posts
    523
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I did your way but it jsut comes this message


    PHP Code:
    you have not entered search detailsPlease go back and try again



    I think that my sql is problem becasue I get that message above
    "you have not entered search details. Please go back and try again."

    i did command like this



    PHP Code:
    create table booksisbn char(13not null primary key 
                   author char
    (30),title cahr(60),price float(4,2)); 

    Is it right???
    I am not sure it must be wrong???


    Here is new code

    PHP Code:

    <html> 
    <head></head> 
    <body> 

    <?php 


    if(!isset($searchtype) || !isset($searchterm))

    echo
    "you have not entered search details. Please go back and try again."
      exit; 



    $searchtype addcslashes($searchtype); 
    $searchterm addcslashes($searchterm); 
    $db mysql_pconnect("localhost","itohideo","1234"); 

    if(!
    $db){ 

     echo
    "Error: Could not connet to dateabse. Please try again later."
     exit; 


    trim($searchterm); 
    mysql_select_db("itohideo"); 
    $sql="select * from books where".$searchtype." like '%".$searchterm."%'"
    $result=mysql_query($sql); 
    $num_results=mysql_num_rows($result); 

    echo
    "<p>Number of books found: ".$num_results."</p>"


      for(
    $i=0$i<$num_results$i++) 
      { 
      
    $row=mysql_fetch_array($result); 
      echo 
    "<p><strong>".($i+1).".Title: "
      echo 
    htmlspecialcharsstripslashes($row["title"])); 
      echo
    "</strong><br>Author: "
      echo 
    htmlspecialcharsstripslashes($row["atthor"])); 
      echo
    "<br>ISBN: "
      echo 
    htmlspecialcharsstripslashes($row["isbn"])); 
      echo
    "<br>Price: "
      echo 
    htmlspecialcharsstripslashes($row["price"])); 
      echo 
    "</p>"
       
       } 



    ?> 
    </body> 
    </html>

  8. #8
    SitePoint Enthusiast Ckeren's Avatar
    Join Date
    Jun 2001
    Location
    AU
    Posts
    98
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well if your global is OFF

    then you should not treat the variables like that. Because the way your writing the code is for the condition where your global is ON.

    This code here is for the condition where your register_global is ON
    PHP Code:
    if(!isset($searchtype) || !isset($searchterm)) 
    {  
    echo
    "you have not entered search details. Please go back and try again.";  
      exit;  


    This code here is for the condition where your register_global is OFF and your submission method is POST

    PHP Code:
    if(!isset($_POST['searchtype']) || !isset($_POST['searchterm'])) 
    {  
    echo
    "you have not entered search details. Please go back and try again.";  
      exit;  
    }
    else
    {
      
    //Copy from naramation
      
    $searchtype $_POST["searchtype"]; 
      
    $searchterm $_POST["searchterm"]; 


  9. #9
    SitePoint Evangelist
    Join Date
    Apr 2002
    Posts
    523
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    it is not working. I think that my Html code must be wrong.
    Could you please check it for me. Thank you for your time.

    Here is code

    PHP Code:
    <body>
    <
    h1>Book-O-Rama Catalog Search</1>

    <
    form action="result.php" metod="post">
    Choose Search Type:<br>
    <
    select name="searchtype">
    <
    option value="author">author
    <option value="title">title
    <option value="isbn">ISBN
    </select>
    <
    br>
    Enter Search Term:<br>
    <
    input name="searchterm" type="text">
    <
    br>
    <
    input type="submit" value="Search">

    </
    form>


    </
    body>
    </
    html
    Please help me.

    Thank you very much

  10. #10
    SitePoint Addict been's Avatar
    Join Date
    May 2002
    Location
    Gent, Belgium
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    <form action="result.php" metod="post">
    If that is idd. your code, mayB you should try using method="POST" to get to the $_POST[] vars in your script ;-)
    Per
    Everything
    works on a PowerPoint slide

  11. #11
    SitePoint Evangelist
    Join Date
    Apr 2002
    Posts
    523
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    it is not working yet.

    I still get this message

    PHP Code:
    Warningmysql_num_rows(): supplied argument is not a valid MySQL result resource in c:\ito\ps\result.php on line 29

    Number of books found

    How can I fix this script??

    Does anybody have idea ??

    Thank you very much

  12. #12
    SitePoint Addict been's Avatar
    Join Date
    May 2002
    Location
    Gent, Belgium
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Code:
    $sql="select * from books where".$searchtype." like '%".$searchterm."%'";
    I think you should put a space after 'where', otherwise the value of $searchtype will be put right after 'where', producing an invalid sql syntax: example:
    Code:
    SELECT * FROM BOOKS WHEREtitle LIKE '%bobo%'
    Per
    Everything
    works on a PowerPoint slide


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •